Privacy Policy

Last updated: January 6, 2025

This Privacy Policy explains how PAUELLE LIMITED ("Pauelle", "we", "us", "our") collects, uses, and protects personal data in connection with Fibre - secure file uploads for Intercom - and our websites, apps, and related services (collectively, the "Services").

1. Roles & responsibilities

  • Customer as Controller. When your organisation uses Fibre with Intercom to collect files from your end-users, you are the data controller of end-user data.
  • Pauelle as Processor. For those end-user flows, Pauelle acts as your data processor.
  • Pauelle as Controller. For account, billing, support, and website data relating to your team, Pauelle is the controller.

We'll provide a Data Processing Addendum (DPA) on request and, where applicable, UK/EU Standard Contractual Clauses for international transfers.

2. What we (do and don't) collect

2.1 Data we process to run Fibre

  • Workspace & account data: org name, email addresses, role, authentication identifiers, and billing contact details.
  • Intercom app data (minimal): IDs needed to render Canvas cards or reply with notes (e.g., conversation ID, user ID, app install/workspace IDs), and the payloads Intercom sends to our initialize/submit webhooks. We do not read or store full message histories unless you explicitly enable a feature that requires it.
  • Destination & auth config: connection metadata for your chosen storage (e.g., Drive folder ID, S3 bucket, Azure container) and tokens/keys necessary to create short-lived upload/download sessions. We store these encrypted at rest using a managed key service.
  • Operational telemetry: request timestamps, status codes, job IDs, and security logs (e.g., authentication events, error traces without document contents).

2.2 Data we do not store by design

  • File contents. End-user files upload directly from the browser to your storage (e.g., Google Drive, S3, Azure Blob) via resumable or pre-signed sessions. File bytes do not transit or persist on Pauelle's servers.
  • Durable file pointers. We avoid storing stable identifiers for uploaded files. For reliability, we may use short-lived, signed tokens or ephemeral queue messages so workers can complete tasks (e.g., posting a success note), then those references expire.

2.3 Optional AI summaries (if you enable them)

  • We download in memory from your storage using short-lived credentials, extract text, generate a summary, and (optionally) write the summary back to your storage.
  • We do not retain the file or its text after processing.
  • If a third-party AI provider is used, they act as a sub-processor under a DPA; we contractually prohibit training on your data.

3. Google Drive Data Access & Usage

When you connect Google Drive as your file destination, Fibre accesses Google user data as follows:

3.1 Data Accessed

  • Google Drive Files & Folders: We access Google Drive to create folders and upload files on your behalf. Specifically, we request the https://www.googleapis.com/auth/drive scope to:
    • List folders in your Google Drive (to help you select a destination folder)
    • Create new folders (when you request to create a folder for file uploads)
    • Create resumable upload sessions (to enable customers to upload files directly to your chosen folder)
  • Google Account Email: We access your Google account email address to identify which Google account is connected to your Fibre workspace.

3.2 How We Use Google Data

  • Enable Direct File Uploads: We use your Google Drive access to generate short-lived, resumable upload URLs. These URLs allow your customers to upload files directly from their browser to your Google Drive folder without the files passing through Fibre's servers.
  • Folder Management: We list and create folders only when you explicitly request these actions through the Fibre dashboard.
  • Service Configuration: We store your chosen folder ID and Google account email to maintain your file destination configuration.

Important: Fibre does NOT read, access, modify, or delete any files in your Google Drive. We only create upload sessions that allow files to be added to your designated folder.

3.3 Google Data Sharing

We do NOT share your Google Drive data with any third parties. Your Google Drive access tokens and folder information are:

  • Stored encrypted at rest using AWS KMS (Key Management Service)
  • Used only by our application to perform the file upload operations you have configured
  • Never shared with, sold to, or made available to any third-party services or advertisers

3.4 Google Data Storage & Protection

  • Encryption: Your Google Drive refresh tokens are encrypted at rest using AWS KMS with AES-256 encryption and transmitted only over TLS-encrypted connections.
  • Access Control: Access to Google Drive credentials is restricted to our application servers and follows least-privilege principles. No human employees have direct access to your encrypted tokens.
  • Secure Storage: Tokens are stored in a managed PostgreSQL database with encryption at rest, regular backups, and access logging.
  • Token Rotation: We use OAuth 2.0 refresh tokens, which can be revoked at any time by disconnecting Google Drive from your Fibre dashboard or from your Google Account permissions page.

3.5 Google Data Retention & Deletion

  • Retention: We retain your Google Drive connection data (refresh token, folder ID, account email) only for as long as you keep Google Drive connected as a destination in your Fibre workspace.
  • Deletion Process: You can delete your Google Drive connection at any time by:
    • Disconnecting Google Drive from the Fibre dashboard Destinations tab
    • Revoking Fibre's access from your Google Account permissions page
    • Deleting your Fibre account (which automatically removes all connected services)
  • Immediate Effect: When you disconnect Google Drive, your refresh token is immediately deleted from our database. You can reconnect at any time by re-authorizing through OAuth.
  • Files in Your Drive: Any files that have been uploaded to your Google Drive remain in your Drive even after disconnecting. Fibre never deletes files from your Google Drive.

For questions about your Google Drive data or to request deletion, contact us at privacy@fibrehq.com.

4. Why we process data (legal bases)

Under UK/EU GDPR we rely on:

  • Contract (Art. 6(1)(b)) - to provide and support the Services you requested.
  • Legitimate interests (Art. 6(1)(f)) - to secure, improve, and measure the Services (e.g., preventing abuse, debugging), balanced against your rights.
  • Legal obligation (Art. 6(1)(c)) - to comply with tax, accounting, and regulatory requests.
  • Consent (Art. 6(1)(a)) - where you opt into cookies/analytics or optional features.

5. How we use data

  • To authenticate your team, configure destinations, and render the Intercom app.
  • To create short-lived upload/download sessions to your chosen storage.
  • To send Intercom notes or cards (e.g., "File received", "Summary ready").
  • To provide support and communicate service changes.
  • To secure the platform (monitoring, incident response, fraud/abuse prevention).
  • For billing and account management.

6. Security

  • Encryption in transit (TLS) and at rest (including KMS-backed encryption for secrets/tokens).
  • Least privilege credentials and short-lived access tokens wherever possible.
  • Segregated environments, audit logs, and access controls.
  • No file storage: file contents do not reside on Pauelle infrastructure.

If we become aware of a personal-data breach that poses a risk to individuals, we will notify customers and regulators as required (e.g., within 72 hours under GDPR).

7. Sub-processors

We use carefully selected sub-processors to host and operate the Services (e.g., cloud hosting, managed databases, logging/monitoring, payment processing). We require appropriate data protection commitments from each provider. A current list is available on request and may include:

  • Cloud hosting & DB (e.g., AWS/GCP/Vercel)
  • Payments (e.g., Stripe)
  • Intercom (if you use their messenger on our site)
  • AI provider(s) (only if you enable summaries)

We will notify customers before adding or replacing a sub-processor where legally required.

8. International transfers

Where data moves outside the UK/EEA, we use approved safeguards, such as the UK/EU Standard Contractual Clauses and supplementary measures.

9. Data retention

  • Account & billing data: kept for the life of the account and as required by law (typically 6–7 years for tax records).
  • Auth secrets/tokens: retained until you disconnect or rotate the integration; routinely rotated where supported.
  • Ephemeral job data: message queues and signed tokens expire automatically (e.g., hours to days).
  • Logs: retained for security/operations for a limited period (e.g., 30–90 days) unless needed to investigate an incident.

You can request deletion of account-level data; some records may be retained where required by law or for the establishment, exercise, or defence of legal claims.

10. Your rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict, object, and port your personal data.

  • If you're an end-user of a Fibre customer, please contact the customer (the controller).
  • If you're a customer/admin of Fibre, contact us at privacy@fibrehq.com.

You also have the right to lodge a complaint with your local supervisory authority (e.g., the ICO in the UK).

11. Cookies & analytics

We use essential cookies for authentication and security. Any analytics or marketing cookies are opt-in and controlled via consent tools where applicable. See our Cookie Notice for details.

12. Children

Our Services are not directed to children under 16, and we do not knowingly collect their personal data.

13. Third-party services

Your use of third-party services (e.g., Google Drive, AWS S3, Azure Blob, Intercom) is governed by their own terms and privacy policies. You are responsible for configuring those services (including retention and access controls).

14. Changes to this policy

We may update this policy from time to time. We will post the revised version with a new "Last updated" date and, if changes are material, provide reasonable notice.

15. Contact

PAUELLE LIMITED
Email: privacy@fibrehq.com
For DPA requests or sub-processor list updates, email legal@fibrehq.com.

Annex: Summary of Fibre's data-minimising design

  • Files uploaded via Intercom go directly to the customer's storage; Fibre never stores file contents.
  • We avoid persistent file pointers; we use short-lived tokens for background work.
  • Optional AI summaries process bytes in memory and write results back to the customer's storage.
  • Secrets/tokens are encrypted with KMS and rotated; access is least-privilege and logged.